Several simultaneous libpq connections from the same application to different servers using different SSL certs
When using a libpq-based clientlib with SSL, libpq gets crt and key files from %APPDATA%\postgresql (on MS Windows) (from now on called "DIR"). I'd like to connect from the same app to two different pg servers using a different set of crt/key files. One way of doing that could have been to first connect to one server, then replace the files in DIR, and connect to the other server. However, that does not work. It seems the app still uses the info from the files which were in DIR during the first connection. 1) Is there a way to specify which DIR to use for a particular connection? 2) If not, will this be available in pg 8.4? 3) Is there a way to merge different crt/key file sets in the same DIR to allow libpq using different ones for different connections? 4) Other suggestions of how to solve my problem using pg 8.3?
Knut P. Lehre wrote:
When using a libpq-based clientlib with SSL, libpq gets crt and key
files from %APPDATA%\postgresql (on MS Windows) (from now on called
"DIR"). I'd like to connect from the same app to two different pg
servers using a different set of crt/key files. One way of doing that
could have been to first connect to one server, then replace the files
in DIR, and connect to the other server. However, that does not work. It
seems the app still uses the info from the files which were in DIR
during the first connection. 1) Is there a way to specify which DIR to
use for a particular connection? 2) If not, will this be available in pg
8.4? 3) Is there a way to merge different crt/key file sets in the same
DIR to allow libpq using different ones for different connections? 4)
Other suggestions of how to solve my problem using pg 8.3?
No, this is not possible with 8.3. You can use different keys, but not
different certificates.
8.4 will give you the ability to specify certificates on a
per-connection basis.
//Magnus